From: Christian Allred <christian@theallreds.net>
Date: Mon, 5 Apr 2021 22:41:53 +0000 (-0700)
Subject: Add max-query-restarts config parameter
X-Git-Tag: release-1.17.1rc1~6^2~1^2~4
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=41fa45c99e827012112fb4d3fc59cd54d3391687;p=thirdparty%2Funbound.git

Add max-query-restarts config parameter
---

diff --git a/util/config_file.c b/util/config_file.c
index 171251f67..ce3fc543b 100644
--- a/util/config_file.c
+++ b/util/config_file.c
@@ -344,6 +344,7 @@ config_create(void)
 	cfg->pad_responses_block_size = 468; /* from RFC8467 */
 	cfg->pad_queries = 1;
 	cfg->pad_queries_block_size = 128; /* from RFC8467 */
+	cfg->max_query_restarts = MAX_RESTART_COUNT;
 #ifdef USE_IPSECMOD
 	cfg->ipsecmod_enabled = 1;
 	cfg->ipsecmod_ignore_bogus = 0;
@@ -749,6 +750,7 @@ int config_set_option(struct config_file* cfg, const char* opt,
 	else S_SIZET_NONZERO("pad-responses-block-size:", pad_responses_block_size)
 	else S_YNO("pad-queries:", pad_queries)
 	else S_SIZET_NONZERO("pad-queries-block-size:", pad_queries_block_size)
+	else S_SIZET_NONZERO("max-query-restarts:", max_query_restarts)
 #ifdef USE_IPSECMOD
 	else S_YNO("ipsecmod-enabled:", ipsecmod_enabled)
 	else S_YNO("ipsecmod-ignore-bogus:", ipsecmod_ignore_bogus)
@@ -1196,6 +1198,7 @@ config_get_option(struct config_file* cfg, const char* opt,
 	else O_YNO(opt, "pad-queries", pad_queries)
 	else O_DEC(opt, "pad-queries-block-size", pad_queries_block_size)
 	else O_LS2(opt, "edns-client-strings", edns_client_strings)
+	else O_DEC(opt, "max-query-restarts", max_query_restarts)
 #ifdef USE_IPSECMOD
 	else O_YNO(opt, "ipsecmod-enabled", ipsecmod_enabled)
 	else O_YNO(opt, "ipsecmod-ignore-bogus", ipsecmod_ignore_bogus)
diff --git a/util/config_file.h b/util/config_file.h
index f5eda738c..23837065a 100644
--- a/util/config_file.h
+++ b/util/config_file.h
@@ -615,6 +615,9 @@ struct config_file {
 	/** block size with which to pad encrypted queries (default: 128) */
 	size_t pad_queries_block_size;
 
+	/** max number of query restarts. Determines max number of CNAME chain (default: 8) */
+	size_t max_query_restarts;
+
 	/** IPsec module */
 #ifdef USE_IPSECMOD
 	/** false to bypass the IPsec module */